<?php
require '../../common/initPage.php';
require '../../common/dbcon.php';
require '../../common/func.php';
require '../../common/showTips.php';
require '../../common/checkForm.php';

session_start();
unset($_SESSION['$forgeterrorTipArr']);

if(!empty($_GET['action'])&&$_GET['action']=='forget') {
    //检查验证码正确与否
    if (strtolower(handledata($_POST['forgetcode'])) == $_SESSION['authcode']) {
        //检查是否传空值
        if (isnull($_POST)&&
            checkUserID($_POST['forgetid']) &&
            checkUsername($_POST['forgetname'])
        ) {
            //正确无误，处理数据
            $id = handledata($_POST['forgetid']);
            $name = handledata($_POST['forgetname']);
            $forgetUserInfo=queryForgetPWD($mysqlCon,queryIsByIDName,$id,$name);
            if (!empty($forgetUserInfo)) {
                //用户名与ID相同，重置密码为学号/工号+盐值
                $forgetuslat=substr(uniqid(microtime()), -6);
                $forgetupwdUnlock=$forgetuslat+$_POST['forgetid'];
                $forgetupwdLock=enpwd($forgetupwdUnlock, $forgetuslat);
                if(upPWDInfo($mysqlCon,updateUserPWDInfo,$forgetupwdLock,$forgetuslat,$id)){
                    $_SESSION['$forgeterrorTipArr'][]='密码重置成功！新密码为【 '.$forgetupwdUnlock.' 】';
                }else{
                    //重置密码失败
                    $_SESSION['$forgeterrorTipArr'][]='管理员审核后会在三个工作日内将密码重置';
                }
            } else {
                //找不到符合的数据
                $_SESSION['$forgeterrorTipArr'][]='管理员审核后会在三个工作日内将密码重置';
            }
        } else {
            //不合规，输出错误
            if (!$_POST['forgetid']) $_SESSION['$forgeterrorTipArr'][]= '学号/工号不能为空';
            if (!$_POST['forgetname']) $_SESSION['$forgeterrorTipArr'][]= '用户名不能为空';
            if (!checkUserID($_POST['forgetid'])) $_SESSION['$forgeterrorTipArr'][]='学号/工号应由8位纯数字组成';
            if (!checkUsername($_POST['forgetname'])) $_SESSION['$forgeterrorTipArr'][]='用户名应由2~16位汉字、英文字母、数字、下划线组成';
        }
    }else{
        $_SESSION['$forgeterrorTipArr'][]= '验证码不正确';
    }
}

require '../../views/public/forgetpwd.html';